单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.
The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. All users are required to connect to the intranet site by authenticating and using HTTPS. However, because an automated Web application must connect to the Web site by using HTTP, you cannot configure the intranet site to require HTTPS. You need to collect information about which users are connecting to the Web site by using HTTPS.
What should you do?()
A.Check the application log on the Web server.
B.Use Network Monitor to capture network traffic on the Web server.
C.Review the log files created by IIS on the Web server.
D.Configure a performance log to capture all Web service counters. Review the performance log data.
相关考题
-
单项选择题
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()
A.Run the net view command.
B.Run the gpresult command.
C.Use the IP Security Monitor console.
D.Use the IPSec Policy Management console. -
单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 25 Windows Server 2003 computers and 6,000 Windows XP Professional computers.The written company security policy states that network traffic to Web servers must be audited on a regular basis. A server named Server1 is configured as a Web server on the company’s intranet. You install Network Monitor Tools from a Windows Server 2003 product CD-ROM on Server1.You run Network Monitor on Server1 for three hours. When you stop the network capture, you see that Network Monitor captured over 40,000 frames. As you look at the captured frames, you notice that an extremely large number of TCP connection requests have all come from the 131.107.0.1 IP address.In Network Monitor, you need to view only the frames for network traffic that are captured between Server1 and the 131.107.0.1 IP address. What should you do?()
A.Create an Address Capture filter for all network traffic between Server1 and the 131.107.0.1 IP address.
B.Create a Find Frame Expression filter for network traffic captured between Server1 and the 131.107.0.1 IP address.
C.Create an Address Display filter for all network traffic captured between Server1 and the 131.107.0.1 IP address.
D.Create a Pattern Match capture trigger for the 131.107.0.1 IP address. -
单项选择题
You are the network administrator for your company. A Windows Server 2003 computer named Router11 is used to connect the network to the Internet. You find out that some computers on the network are infected with a worm, which occasionally sends out traffic to various hosts on the Internet. This traffic always uses a certain source TCP port number.You need to identify which computers are infected with the worm. You need to configure a solution on Router11 that will perform the following two tasks: Detect and identify traffic that is sent by the worm. Immediately send a notification to a network administrator that the infected computer needs to be repaired. What should you do?()
A.Configure a WMI event trigger.
B.Configure a Network Monitor capture filter.
C.Configure a Network Monitor trigger.
D.Configure a System Monitor alert.
